Cybersecurity News from Across the Internet
Researchers have discovered VoidLink, a sophisticated new Linux malware framework designed to infiltrate AWS, Google Cloud, and Azure. Learn how this Chinese-affiliated toolkit uses adaptive stealth to stay hidden. – Read More – Hackread – Cybersecurity News, Data Breaches, AI, and More
California Attorney General Rob Bonta announced an investigation Wednesday into xAI over allegations that its artificial intelligence model Grok is being used to create nonconsensual sexually explicit images of women and children on a large scale, marking the latest escalation in regulatory efforts to address AI-generated deepfakes. The California investigation focuses on Grok’s “spicy mode,” … Read More “California AG launches investigation into X’s sexualized deepfakes – CyberScoop” »
Predator spyware operators have the ability to recognize why an infection failed, and the tech has more sophisticated capabilities for averting detection than previously known, according to research published Wednesday. Jamf Threat Labs found from an analysis of a Predator sample that it has an error code system that can alert operators to why an … Read More “Predator spyware demonstrates troubleshooting, researcher-dodging capabilities – CyberScoop” »
RedVDS cyber-crime-as-a-service platform powering phishing, BEC attacks and other fraud has cost victims millions – Read More –
AI agents have quickly moved from experimental tools to core components of daily workflows across security, engineering, IT, and operations. What began as individual productivity aids, like personal code assistants, chatbots, and copilots, has evolved into shared, organization-wide agents embedded in critical processes. These agents can orchestrate workflows across multiple systems, for example: – Read … Read More “AI Agents Are Becoming Privilege Escalation Paths – The Hacker News” »
Phishing attacks have been identified using fake PayPal alerts to exploit remote monitoring and management tools – Read More –
A hacker claims a full breach of Russia’s Max Messenger, threatening to leak user data and backend systems if demands are not met. – Read More – Hackread – Cybersecurity News, Data Breaches, AI, and More
Microsoft announced Wednesday that it worked with international law enforcement to seize infrastructure used to run cybercrime subscription service RedVDS and organized civil actions in the United States and United Kingdom to disrupt its further use. RedVDS has enabled at least $40 million in fraud losses in the U.S. since March 2025, according to Microsoft. … Read More “Microsoft seizes RedVDS infrastructure, disrupts fast-growing cybercrime marketplace – CyberScoop” »
A new DeadLock ransomware operation uses Polygon blockchain smart contracts to manage proxy server addresses – Read More –
Austin, TX / USA, 14th January 2026, CyberNewsWire – Read More – Hackread – Cybersecurity News, Data Breaches, AI, and More
Microsoft kicks off 2026 with 115 security updates, including a fix for an actively exploited zero-day. Protect your Windows and Office systems today. – Read More – Hackread – Cybersecurity News, Data Breaches, AI, and More
As software supply chains become longer and more interconnected, enterprises have become well aware of the need to… – Read More – Hackread – Cybersecurity News, Data Breaches, AI, and More
Security experts have disclosed details of an active malware campaign that’s exploiting a DLL side-loading vulnerability in a legitimate binary associated with the open-source c-ares library to bypass security controls and deliver a wide range of commodity trojans and stealers. “Attackers achieve evasion by pairing a malicious libcares-2.dll with any signed version of the legitimate … Read More “Hackers Exploit c-ares DLL Side-Loading to Bypass Security and Deploy Malware – The Hacker News” »
Customer support teams adopt chatbots to reduce workload, shorten response times, and control costs. Freshdesk makes chatbot deployment… – Read More – Hackread – Cybersecurity News, Data Breaches, AI, and More
New York, NY, 14th January 2026, CyberNewsWire – Read More – Hackread – Cybersecurity News, Data Breaches, AI, and More
In today’s digital age, video content has become an essential tool for communication, education, and entertainment. Whether it’s… – Read More – Hackread – Cybersecurity News, Data Breaches, AI, and More
A new investigation by GreyNoise reveals a massive wave of over 90,000 attacks targeting AI tools like Ollama and OpenAI. Experts warn that hackers are conducting “reconnaissance” to map out vulnerabilities in enterprise AI systems. – Read More – Hackread – Cybersecurity News, Data Breaches, AI, and More
Fortinet has released updates to fix a critical security flaw impacting FortiSIEM that could allow an unauthenticated attacker to achieve code execution on susceptible instances. The operating system (OS) injection vulnerability, tracked as CVE-2025-64155, is rated 9.4 out of 10.0 on the CVSS scoring system. “An improper neutralization of special elements used in an OS … Read More “Fortinet Fixes Critical FortiSIEM Flaw Allowing Unauthenticated Remote Code Execution – The Hacker News” »
The financial sector should finalize its post-quantum cryptography transition circa 2034, G7 cyber experts said – Read More –
Microsoft on Tuesday rolled out its first security update for 2026, addressing 114 security flaws, including one vulnerability that it said has been actively exploited in the wild. Of the 114 flaws, eight are rated Critical, and 106 are rated Important in severity. As many as 58 vulnerabilities have been classified as privilege escalation, followed … Read More “Microsoft Fixes 114 Windows Flaws in January 2026 Patch, One Actively Exploited – The Hacker News” »
Research analyzing 4,700 leading websites reveals that 64% of third-party applications now access sensitive data without business justification, up from 51% in 2024. Government sector malicious activity spiked from 2% to 12.9%, while 1 in 7 Education sites show active compromise. Specific offenders: Google Tag Manager (8% of violations), Shopify (5%), Facebook Pixel (4%). Download … Read More “New Research: 64% of 3rd-Party Applications Access Sensitive Data Without Justification – The Hacker News” »
Chainalysis estimates $17bn will be lost to crypto scams in 2025 as AI takes hold – Read More –
Microsoft has patched three zero-day vulnerabilities in the first patch Tuesday of 2026, including one under active exploitation – Read More –
Explore how cybercrime markets turn stolen data into laundered funds using dollar‑pegged assets, mixers and exchanges-and why tracking BTC USDT price and stablecoin flows now matters for security, fraud and AML teams. – Read More – Hackread – Cybersecurity News, Data Breaches, AI, and More
Node.js has released updates to fix what it described as a critical security issue impacting “virtually every production Node.js app” that, if successfully exploited, could trigger a denial-of-service (DoS) condition. “Node.js/V8 makes a best-effort attempt to recover from stack space exhaustion with a catchable error, which frameworks have come to rely on for service availability,” … Read More “Critical Node.js Vulnerability Can Cause Server Crashes via async_hooks Stack Overflow – The Hacker News” »
New principles help organisations to design, review, and secure connectivity to (and within) OT systems. – Read More – NCSC Feed
The Computer Emergency Response Team of Ukraine (CERT-UA) has disclosed details of new cyber attacks targeting its defense forces with malware known as PLUGGYAPE between October and December 2025. The activity has been attributed with medium confidence to a Russian hacking group tracked as Void Blizzard (aka Laundry Bear or UAC-0190). The threat actor is … Read More “PLUGGYAPE Malware Uses Signal and WhatsApp to Target Ukrainian Defense Forces – The Hacker News” »
Multiple vulnerabilities have been discovered in Microsoft products, the most severe of which could allow for remote code execution. Successful exploitation of the most severe of these vulnerabilities could result in an attacker gaining the same privileges as the logged-on user. Depending on the privileges associated with the user, an attacker could then install programs; … Read More “Critical Patches Issued for Microsoft Products, January 13, 2026 – Cyber Security Advisories – MS-ISAC” »
Multiple vulnerabilities have been discovered in Fortinet products, the most severe of which could allow for arbitrary code execution. FortiSandbox is an advanced threat detection solution from Fortinet that uses sandboxing to analyze suspicious files and network traffic for advanced threats like zero-day malware and ransomware. FortiWeb is a web application firewall (WAF) that protects web … Read More “Multiple Vulnerabilities in Fortinet Products Could Allow for Arbitrary Code Execution – Cyber Security Advisories – MS-ISAC” »
Multiple vulnerabilities have been discovered in Google Chrome, the most severe of which could allow for arbitrary code execution. Successful exploitation of the most severe of these vulnerabilities could allow for arbitrary code execution in the context of the logged on user. Depending on the privileges associated with the user an attacker could then install programs; … Read More “Multiple Vulnerabilities in Google Chrome Could Allow for Arbitrary Code Execution – Cyber Security Advisories – MS-ISAC” »
Microsoft today issued patches to plug at least 113 security holes in its various Windows operating systems and supported software. Eight of the vulnerabilities earned Microsoft’s most-dire “critical” rating, and the company warns that attackers are already exploiting one of the bugs fixed today. January’s Microsoft zero-day flaw — CVE-2026-20805 — is brought to us … Read More “Patch Tuesday, January 2026 Edition – Krebs on Security” »
President Donald Trump re-nominated Sean Plankey to lead the Cybersecurity and Infrastructure Security Agency on Tuesday, after Plankey’s bid for the position ended last year stuck in the Senate. It’s not clear whether or how Plankey’s resubmitted nomination will overcome the hurdles that left many observers convinced his chance of becoming CISA director had likely … Read More “Sean Plankey re-nominated to lead CISA – CyberScoop” »
Microsoft’s first security update of 2026 addressed 112 vulnerabilities affecting its products and underlying systems, including one actively exploited zero-day in Desktop Window Manager. The company’s latest Patch Tuesday update marks the second consecutive month with no critical vulnerabilities disclosed. The batch of patches also contains more than 110 CVEs for the second January in … Read More “Microsoft Patch Tuesday addresses 112 defects, including one actively exploited zero-day – CyberScoop” »
A Trump administration official endorsed a slate of congressional bills Tuesday targeting cybersecurity in the energy sector while touting the office’s new emphasis on AI-driven cyber defenses. Meanwhile, Democratic members repeatedly pressed him over the cybersecurity and reliability impacts from thousands of job cuts that have taken place at the Department of Energy over the … Read More “CESER chief touts AI projects as congressional Dems point to federal cuts – CyberScoop” »
Amid budding sentiment in the Trump administration and Congress to expand offensive cyber operations, some lawmakers and experts are warning that the United States needs to get its defenses in order before going too far down that road. A House Homeland Security subcommittee on Tuesday examined how to deter foreign cyberattacks, with an emphasis on … Read More “Hill warning: Don’t put cyber offense before defense – CyberScoop” »
Cybersecurity researchers have discovered a major web skimming campaign that has been active since January 2022, targeting several major payment networks like American Express, Diners Club, Discover, JCB Co., Ltd., Mastercard, and UnionPay. “Enterprise organizations that are clients of these payment providers are the most likely to be impacted,” Silent Push said in a report … Read More “Long-Running Web Skimming Campaign Steals Credit Cards From Online Checkout Pages – The Hacker News” »
In episode 83 of The AI Fix, Graham reveals he’s taken up lying to LLMs, and shows how a journalist exposed AI bluffers with a made-up idiom. Meanwhile Mark invents a “Godwin’s Law” for AI, and explains how to ruin any LLM with humus. Also in this episode, a marriage is declared invalid thanks to … Read More “The AI Fix #83: ChatGPT Health, Victorian LLMs, and the biggest AI bluffers – GRAHAM CLULEY” »
Telegram will add a warning for proxy links after reports showed they can expose user IP addresses with a single click, bypassing VPN or privacy settings. – Read More – Hackread – Cybersecurity News, Data Breaches, AI, and More
I may be in Tokyo preparing for Pwn2Own Automotive, but that doesn’t stop patch Tuesday from coming. Put aside you broken New Year’s resolutions for just a moment as we review the latest security patches from Adobe and Microsoft. If you’d rather watch the full video recap covering the entire release, you can check out … Read More “The January 2026 Security Update Review – Zero Day Initiative – Blog” »
Multiple vulnerabilities have been discovered in Mozilla products, the most severe of which could allow for arbitrary code execution. Mozilla Firefox is a web browser used to access the Internet. Mozilla Firefox ESR is a version of the web browser intended to be deployed in large organizations. Mozilla Thunderbird is an email client. Mozilla Thunderbird … Read More “Multiple Vulnerabilities in Mozilla Products Could Allow for Arbitrary Code Execution – Cyber Security Advisories – MS-ISAC” »
Flowable has launched version 2025.2 of its enterprise work orchestration platform, adding support for governed multi-agent AI, impact… – Read More – Hackread – Cybersecurity News, Data Breaches, AI, and More
Cybersecurity researchers have disclosed details of a malicious Google Chrome extension that’s capable of stealing API keys associated with MEXC, a centralized cryptocurrency exchange (CEX) available in over 170 countries, while masquerading as a tool to automate trading on the platform. The extension, named MEXC API Automator (ID: pppdfgkfdemgfknfnhpkibbkabhghhfh), has 29 downloads and is still … Read More “Malicious Chrome Extension Steals MEXC API Keys by Masquerading as Trading Tool – The Hacker News” »
SHADOW#REACTOR is a multi-stage Windows malware campaign that stealthily deploys the Remcos RAT using complex infection techniques – Read More –
A high-severity security flaw in the Gogs Git service is being actively exploited, leading to remote code execution – Read More –
Researchers at Silent Push have exposed a global Magecart campaign stealing credit card data since 2022. Learn how this invisible web-skimming attack targets major networks like Mastercard and Amex, and how to stay safe. – Read More – Hackread – Cybersecurity News, Data Breaches, AI, and More
CrowdStrike announced Tuesday an agreement to acquire Seraphic Security, a browser runtime security provider, in a move that signals growing recognition among cybersecurity firms that traditional protective measures have failed to keep pace with how employees actually work. The acquisition, expected to close during CrowdStrike’s first fiscal quarter of 2027, will integrate Seraphic’s browser-level protection … Read More “CrowdStrike is buying Seraphic Security to lock down the browser, where work actually happens – CyberScoop” »
ServiceNow has addressed a critical security vulnerability in its AI platform that could have allowed unauthenticated users to impersonate legitimate users and perform unauthorized actions, the company disclosed Monday. The flaw, designated CVE-2025-12420 and carrying a severity score of 9.3 out of 10, was discovered by SaaS security firm AppOmni in October. ServiceNow deployed fixes … Read More “ServiceNow patches critical AI platform flaw that could allow user impersonation – CyberScoop” »
CrowdStrike announced Tuesday an agreement to acquire Seraphic Security, a browser runtime security provider, in a move that signals growing recognition among cybersecurity firms that traditional protective measures have failed to keep pace with how employees actually work. The acquisition, expected to close during CrowdStrike’s first fiscal quarter of 2027, will integrate Seraphic’s browser-level protection … Read More “CrowdStrike is buying Seraphic Security to lock down the browser, where work actually happens – CyberScoop” »
AI agents are no longer just writing code. They are executing it. Tools like Copilot, Claude Code, and Codex can now build, test, and deploy software end-to-end in minutes. That speed is reshaping engineering—but it’s also creating a security gap most teams don’t see until something breaks. Behind every agentic workflow sits a layer few … Read More “[Webinar] Securing Agentic AI: From MCPs and Tool Access to Shadow API Key Sprawl – The Hacker News” »
Detected by Check Point researchers, VoidLink is a sophisticated malware framework that can be used to implant malware in the most common cloud environments – Read More –
![[Webinar] Securing Agentic AI: From MCPs and Tool Access to Shadow API Key Sprawl – The Hacker News](https://attackfeed.com/wp-content/uploads/2026/01/ai-agent-C3Hsu0.webp)
